-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbet.yml
53 lines (42 loc) · 1.5 KB
/
bet.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
---
- name: Updating TLS on Apache server
hosts: apache_server
become: yes
vars:
ssl_conf: '/etc/apache2/mods-available/ssl.conf'
line_update: 'SSLProtocol'
tasks:
- name: Create purpose.conf file in apache webserver
file:
path: /etc/apache2/sites-available/purpose.com.conf
state: touch
- name: Copy over purpose.conf.j2 to apache web server
template:
src: '/home/Playbook/purpose.conf.j2'
dest: '/etc/apache2/sites-available/purpose.com.conf'
- name: Enable site for purpose.com.conf
shell: sudo a2ensite purpose.com.conf
- name: Disable default site 000-default.conf
shell: sudo a2dissite 000-default.conf
- name: Update SSL.conf file
lineinfile:
path: '{{ ssl_conf }}'
regexp: '.*{{ line_update }}.*'
line: ' SSLProtocol -all -TLSv1.3'
backrefs: yes
state: present
create: no
- name: ensure syntax for apache is correct
shell: sudo apache2ctl configtest
- name: Restart Apache2 service
shell: sudo systemctl reload apache2
- name: Allow Apache full IF ufw status returns status inactive
shell: sudo ufw status
register: ufw_status
- name: Allow 'Apache Full' in UFW
shell: sudo ufw allow 'Apache Full'
when: ufw_status.stdout == 'inactive'
- name: Restart Apache2 service
shell: sudo systemctl reload apache2
- name: Install certbot
shell: sudo apt install certbot python3-certbot-apache -y